mån 2007-09-10 klockan 10:13 -0700 skrev techguy005-ml@yahoo.com:
> In a Squid reverse proxy configurations, in order to
> use client certificates, the respective CA signer of
> the client-side certificates must be installed on the
> Squid server (not the web server) level so the
> end-user get challenged to present a client-side
> certificate by Squid instead of by the web server.
> Correct?
Correct.
> Can Squid be configured to define client-side
> certificate requirements at the DIRECTORY level (like
> the aforementioned "/ClientCertRequred/") or does the
> requirements have to be set based on the web site as a
> whole (i.e. "www.whatever.com")?
Currently it's per https_port only. Renegotiation of the SSL connection
by ACL requirements is not yet supported.
Regards
Henrik
Received on Tue Sep 11 2007 - 05:36:16 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT